Total Pageviews

02 November 2009

Password and PIN problems

An article on the relative security and insecurity of websites and banks

Why is it that websites deem a 6 character all lower case password to be "very weak" when there's 306million+ possibilities. Yet a 4 digit PIN (9999 possibilities) is secure enough for banks?

The website one is almost 31,000 times more secure yet is deemed "weak". Surely a rule for websites that if the incorrect password is used a certain number of times the account is locked would be sufficient to make the weak password 31,000 times stronger than the bank's security.

We have to be practical about this. In reality, any rules around requiring a password to have upper and lower case letter and special characters such as $,% etc simply make it much more likely people will write the passwords down. Just because this makes it the person's problem rather than the website's is no excuse - the overall security of the account is the issue, including the likelyhood that the account will be broken into because the password was so complicated it, together with the dozons of other passwords from other sites, all had to be written down somewhere because it was too much to remember.

Can we please have simpler password rules for websites and some way of having one strong security mechanism which ties them all together?

Craig
Posted by at 09:00
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Banish the Post Office queue
    Every time I go to the post office there's a queue. No matter how much they try and keep the queue length down, inevitably you get stuck...
  • Sign up to stop spam
    Today I joined a group determined to fight spam through legal action . It has already been successful with one high profile victory. I also ...
  • Want to catch the next wave on the Internet?
    From a posting on the Now-Forum ... I was wondering if there was anyone reading this who is either: Prepared to invest in building a proto...
  • Creating the ironing machine
    I've been having a busy time over on the Cambrian House site lately. Check out my profile and the full set of awards I completed last ...
  • Inspirational management
    I started learning management techniques at Digital. Run by Ken Olsen, in 1986 Fortune Magazine named him the " most successful entrepr...
  • Bothered by Bosch
    My article about Dyson's breakdown problems made the front page of reddit and hopefully this article on Bosch will do so too because m...
  • Car charging
    In the recent budget the chancellor placed much more emphasis on the rates of car tax based on the pollution caused by the car. Since the re...
  • The Great Mystery of Online Ticket Purchase
    How would you like it if you went into your favourite supermarket and then were charged 10% admin fee on top of the shelf price to take your...
  • Scotland is now smoke free by law
    Scotland has become the first part of the UK to be smoke free by law. The law bans smoking in all indoor public places and workplaces, inclu...
  • America: Land of the free?
    It has always surprised me that in the US, where holidays are valued and children get about 6 weeks more annual holiday than the UK, that ad...